<%
'#---------------------------------------------------------------------------------------
'# config 파일과 함께 환경설정 변수의 값을 결정합니다.
'# config 파일에서 사용되는 기본적인 함수를 포함하고 있습니다.
'# 2006.11.9 진재복 수정하였음
'#---------------------------------------------------------------------------------------
'# -----------------------------------------------------------------------------------------------
'# 권한 체크 함수
'# -----------------------------------------------------------------------------------------------
function get_level_check(cm_level,check_level)
level_check_yn="N"
select case check_level
case "aa" '#최고관리자레벨
if cm_level = "aa" then
level_check_yn = "Y"
end if
case "bb" '#중앙관리자
if (cm_level = "aa") or (cm_level = "bb") then
level_check_yn = "Y"
end if
case "ee" '#관리자(총무,기획)
if (cm_level = "aa") or (cm_level = "bb") or (cm_level = "ee") then
level_check_yn = "Y"
end if
case "kk" '#직원
if (cm_level = "aa") or (cm_level = "bb") or (cm_level = "ee") or (cm_level = "kk") then
level_check_yn = "Y"
end if
case "pp" '#윤등회원
if (cm_level = "aa") or (cm_level = "bb") or (cm_level = "ee") or (cm_level = "kk") or (cm_level = "pp") then
level_check_yn = "Y"
end if
case "xx" '#일반회원
if (cm_level = "aa") or (cm_level = "bb") or (cm_level = "ee") or (cm_level = "kk") or (cm_level = "pp") or (cm_level = "xx") then
level_check_yn = "Y"
end if
case "zz" '#비회원은 모두 Y이다
level_check_yn ="Y"
case else
level_check_yn="N"
end select
get_level_check=level_check_yn
end function
'# -----------------------------------------------------------------------------------------------
'# 확장자를 제외한 파일명 구하기
'# -----------------------------------------------------------------------------------------------
function get_php_self_filename(uri)
uri=request.servervariables("url")
ridx=instrrev(uri,"/")
idx=instrrev(uri,".")
filename=mid(uri,ridx+1,idx-ridx-1)
get_php_self_filename=filename
end function
'# -----------------------------------------------------------------------------------------------
'# 확장자를 제외한 파일명 구하기
'# -----------------------------------------------------------------------------------------------
function get_php_self_dirname(uri)
uri=request.servervariables("url")
ridx=instrrev(uri,"/")
dirname=mid(uri,1,ridx)
get_php_self_dirname=dirname
end function
'# -----------------------------------------------------------------------------------------------
'# 태그사용 불가능 뷰
'# -----------------------------------------------------------------------------------------------
function print_htmltag_yesno(cf_allow_html)
if cf_allow_html="Y" then
response.write("<font size=2>(태그<font color=red>가능</font>)</font>")
else
response.write("<font size=2>(태그<font color=red>불가</font>)</font>")
end if
end function
'# -----------------------------------------------------------------------------------------------
'# 스크립트창
'# -----------------------------------------------------------------------------------------------
function error_msg(msg,action,target)
if target = "" then
target = "window"
end if
response.write "<script language='javascript'>"
if msg <> "" then
response.write "alert("""&msg&""");"
end if
if action = "" then
response.write ""
elseif action = "-1" or action = "back" then
response.write "history.back();"
elseif action = "close" then
response.write target&".close();"
elseif action = "reload" then
response.write target&".location.reload(true);"
else
response.write target&".location.href='"&action&"'"
end if
response.write "</script>"
end function
function popup_msg(msg)
response.write("<script language='javascript'>")
response.write("alert(""" & msg & """);")
response.write("history.back();")
response.write("</script>")
end function
'# -----------------------------------------------------------------------------------------------
'# 날짜구하기
'# -----------------------------------------------------------------------------------------------
function get_date(dtype)
tm_yy =year(now)
tm_mm = 0&month(now)
tm_mm = right(tm_mm,2)
tm_dd = 0&day(now)
tm_dd = right(tm_dd,2)
tm_hh = 0&hour(now)
tm_hh = right(tm_hh,2)
tm_mi = 0&minute(now)
tm_mi = right(tm_mi,2)
tm_ss = 0&second(now)
tm_ss = right(tm_ss,2)
select case dtype
case "yy"
tm_value = tm_yy
case "mm"
tm_value = tm_mm
case "dd"
tm_value = tm_dd
case "ymd"
tm_value = tm_yy & tm_mm & tm_dd
case "ymdhms"
tm_value =tm_yy&tm_mm&tm_dd&tm_hh&tm_mi&tm_ss
end select
get_date = tm_value
end function
'# -----------------------------------------------------------------------------------------------
'# 접속자 아이피
'# -----------------------------------------------------------------------------------------------
function get_ip()
tm_ip = request.servervariables("remote_host")
get_ip = tm_ip
end function
'# -----------------------------------------------------------------------------------------------
'# 접속자 아이디
'# -----------------------------------------------------------------------------------------------
function get_id()
ck_cm_id = request.cookies("CK_CM_ID")
if ck_cm_id <> "" then
tm_id = ck_cm_id
end if
get_id = tm_id
end function
'# -----------------------------------------------------------------------------------------------
'# 접속자 명 구하기
'# -----------------------------------------------------------------------------------------------
function get_nm()
ck_cm_nm = request.cookies("CK_CM_NM")
if ck_cm_nm <> "" then
tm_nm = ck_cm_nm
end if
get_nm = tm_nm
end function
function get_check_value(check)
if check <> "" then
tm_check ="Y"
else
tm_check ="N"
end if
get_check_value = tm_check
end function
function get_check_gender(check)
if check = "M" then
tm_check ="남"
else
tm_check ="여"
end if
get_check_gender = tm_check
end function
'###########################################################################
' DB 값 가져오기
'# -----------------------------------------------------------------------------------------------
'# 단일 레코드값 가져오기
'# -----------------------------------------------------------------------------------------------
function get_value_db(sql)
set get_rs = conn.execute(sql)
if not get_rs.eof then
my_value = get_rs(0)
end if
set get_rs = nothing
get_value_db = my_value
end function
'# -----------------------------------------------------------------------------------------------
'# MAX 값 가져오기
'# -----------------------------------------------------------------------------------------------
function get_maxvalue_db(sql)
set get_rs = conn.execute(sql)
if not get_rs.eof then
my_value = get_rs(0)
end if
set get_rs = nothing
if isnull(my_value) then
my_value = 1
else
my_value = my_value + 1
end if
get_maxvalue_db = my_value
end function
'# -----------------------------------------------------------------------------------------------
'# COUNT 가져오기
'# -----------------------------------------------------------------------------------------------
function get_count_db(sql)
set get_rs = conn.execute(sql)
if not get_rs.eof then
my_value = get_rs(0)
end if
set get_rs = nothing
if isnull(my_value) then
my_value = 0
end if
get_count_db = my_value
end function
'# -----------------------------------------------------------------------------------------------
'# 회원 이름 가져오기
'# field : 필드명 id : 아이디
'# -----------------------------------------------------------------------------------------------
function get_member_db(field,id)
sql = "select "&field&" from " & cf_table_mem_nm & " where cm_id='"&id&"'"
set get_rs = conn.execute(sql)
if not get_rs.eof then
my_value = get_rs(0)
end if
set get_rs = nothing
get_member_db = my_value
end function
' *--- execute ----*
function execute_db(sql)
conn.execute(sql)
end function
' DB 값 가져오기 끝
'###########################################################################
'###########################################################################
' 문자열 관련
'# -----------------------------------------------------------------------------------------------
'# 문자열 변환
'# -----------------------------------------------------------------------------------------------
function set_replace(str,rtype)
if str <> "" then
select case rtype
case "br" ' *--- 개행처리 ---*
tm_value = replace(str,chr(10),"<br>")
case "html" ' *--- html 제거 ---*
tm_value=replace(str,"&","&")
tm_value=replace(str,"<","<")
tm_value=replace(str,">",">")
tm_value=replace(str," "," ")
case "bind" ' *--- ' -> '' ---*
tm_value =replace(str,"'","''")
case "br_html"
tm_value=replace(str,"&","&")
tm_value=replace(str,"<","<")
tm_value=replace(str,">",">")
tm_value=replace(str," "," ")
tm_value = replace(str,chr(10),"<br>")
end select
end if
set_replace = tm_value
end function
'# -----------------------------------------------------------------------------------------------
'# 날짜형식 변환
'# -----------------------------------------------------------------------------------------------
function set_date(str,dtype)
if str <> "" then
select case dtype
case "ymd"
tm_value = left(str,4) &"-"& mid(str,5,2) &"-"& mid(str,7,2)
case "ymdhms"
tm_value = left(str,4) &"-"& mid(str,5,2) &"-"& mid(str,7,2) &" ( " &_
mid(str,9,2) &":"& mid(str,11,2) &":"& mid(str,13,2) & " ) "
Case "ymd2"
tm_value = left(str,4) &"년 "& mid(str,5,2) &"월 "& mid(str,7,2) &"일"
Case "ym"
tm_value = Left(str,4) &"년 "& Mid(str,5,2) &"월"
end select
end if
set_date = tm_value
end function
'# -----------------------------------------------------------------------------------------------
'# 숫자 포맷
'# -----------------------------------------------------------------------------------------------
function set_formatnumber(value,size)
if value <> "" then
tm_value = formatnumber(value,size)
end if
set_formatnumber = tm_value
end function
'# -----------------------------------------------------------------------------------------------
'# 문자열 자르기
'# -----------------------------------------------------------------------------------------------
function Str_Cut(named,cut_len)
name_len = len(named)
length = 0
orgin_name = ""
for i = 1 to name_len
a = mid(named,i,1)
if asc(a) < 0 then
length = length + 2
else
length = length + 1
end if
orgin_name = orgin_name + a
if length > cut_len then
orgin_name = orgin_name + "..."
exit for
end if
next
Str_Cut = orgin_name
end function
' 문자열 관련 끝
'###########################################################################
'###########################################################################
' 파일관련
'# -----------------------------------------------------------------------------------------------
'# 폴더 생성
'# -----------------------------------------------------------------------------------------------
function make_folder()
set fso = server.createobject("scripting.filesystemobject")
udir=server.mappath(savedir)
ufolder=udir
if fso.folderexists(ufolder) then
else
fso.createfolder ufolder
end if
end function
'# -----------------------------------------------------------------------------------------------
'# 파일 삭제
'# -----------------------------------------------------------------------------------------------
function file_delete(file_name)
set fso=server.createobject("scripting.filesystemobject")
path=server.mappath(savedir)
file=path&"\" & file_name
if fso.fileexists(file) then
fso.deletefile(file)
end if
end function
'# -----------------------------------------------------------------------------------------------
'# 파일업로드
'# fr_input_nm : 파일전송명 (스트링)
'# userfile : 콤포에서 받은 파일( userfile = upload.item("fr_input_nm") )
'# attach_size : 파일사이즈
'# -----------------------------------------------------------------------------------------------
function file_upload(fr_input_nm,userfile,attach_size)
' 확장자 구하기
point=instrrev(userfile,".")+1
extention=mid(userfile,point)
'확장자 제한
if extention = "html" or extention = "asp" or extention ="exe" or extention = "bat" then
popup_msg("해당 파일은 첨부할수 없습니다.")
response.end
end if
'파일 사이즈 제한
cf_attach_size = cf_attach_size * 1000 ' 단위 :byte
if attach_size > cf_attach_size then
popup_msg("첨부파일의 크기는" &cf_attach_size& " 미만입니다")
response.end
end if
' 실제 파일명 구하기
i= instrrev(userfile,"\")+1
userfile_name=mid(userfile,i) '실제 파일명
'폴더생성
make_folder()
set fso=server.createobject("scripting.filesystemobject")
path=server.mappath(savedir)
file1=path& "\" & userfile_name
'동일 파일 존재 확인
if fso.fileexists(file1) then
popup_msg("동일한 이름의 파일이 이미 존재합니다.")
response.end
end if
'파일 사이즈 단위 변경
'if attach_size > 1024 then
'attach_size=formatnumber(attach_size /1024 , 2 )&" KB"
'else
'attach_size=attach_size&" byte"
'end if
'attach_size=formatnumber(attach_size / 1024,2)
uppath=path& "\" &userfile_name
upload(fr_input_nm).saveas(uppath)
file_upload = userfile_name
end function
'# -----------------------------------------------------------------------------------------------
'# 파일 업로드
'# fr_input_nm : 파일전송명 (스트링)
'# userfile : 콤포에서 받은 파일( userfile = upload.item("fr_input_nm") )
'# attach_size : 파일사이즈
'# -----------------------------------------------------------------------------------------------
function file_upload2(fr_input_nm,userfile,attach_size,idx)
point=instrrev(userfile,".")+1
extention=mid(userfile,point)
'확장자 제한
if extention = "html" or extention = "asp" or extention ="exe" or extention = "bat" then
popup_msg("해당 파일은 첨부할수 없습니다.")
response.end
end if
'파일 사이즈 제한
cf_attach_size = cf_attach_size * 1000 ' 단위 :byte
if attach_size > cf_attach_size then
popup_msg("첨부파일의 크기는" &cf_attach_size& " 미만입니다")
response.end
end if
i= instrrev(userfile,"\")+1
userfile_name=idx & "_" & mid(userfile,i) '실제 파일명 + 인덱스
'폴더생성
make_folder()
set fso=server.createobject("scripting.filesystemobject")
path=server.mappath(savedir)
file1=path& "\" & userfile_name
'동일 파일 존재 확인
if fso.fileexists(file1) then
popup_msg("동일한 이름의 파일이 이미 존재합니다.")
response.end
end if
'파일 사이즈 단위 변경
'if attach_size > 1024 then
'attach_size=formatnumber(attach_size /1024 , 2 )&" KB"
'else
'attach_size=attach_size&" byte"
'end if
'attach_size=formatnumber(attach_size / 1024,2)
uppath=path& "\" &userfile_name
upload(fr_input_nm).saveas(uppath)
file_upload2 = userfile_name
end function
' 파일관련 끝
'###########################################################################
'###########################################################################
' DB관련 끝
'# -----------------------------------------------------------------------------------------------
'# 코드구하기
'# -----------------------------------------------------------------------------------------------
function get_code_nm(cd)
sql = "select nm from "&cf_table_cod_nm&" where cd='" &cd& "'"
set get_rs = conn.execute(sql)
if not get_rs.eof then
nm = get_rs(0)
end if
set get_rs = nothing
get_code_nm = nm
end function
'# -----------------------------------------------------------------------------------------------
'# 셀렉트박스
'# -----------------------------------------------------------------------------------------------
sub mk_select_option(sql,value,name,op,res)
response.write "<select name='"&name&"' "&op&">"
if res <> "" then
response.write "<option value='' >" & res & "</option>"
end if
set mk_rs = conn.execute(sql)
while not mk_rs.eof
my_cd = mk_rs(0)
my_nm = mk_rs(1)
tm_selected = ""
if Cstr(my_cd) = Cstr(value) then tm_selected = "selected"
response.write "<option value='" &my_cd& "' " &tm_selected& ">" &my_nm& "</option>"
mk_rs.movenext
wend
set mk_rs = nothing
response.write "</select>"
end sub
'# -----------------------------------------------------------------------------------------------
'# 셀렉트박스
'# op : 옵션 , name : 이름 , code : 종합코드gb , value : 값 , res :초기값
'# -----------------------------------------------------------------------------------------------
sub mk_select_option2(name,code,value,op,res)
response.write "<select name='"&name&"' "&op&">"
if res <> "" then
response.write "<option value='' >" & res & "</option>"
else
end if
sql = "select cd,nm from "&cf_table_cod_nm&" where gb='"&code&"' and cd >= '"& cf_cook_level &"' order by con_cd asc,nm_desc,nm"
set mk_rs = conn.execute(sql)
while not mk_rs.eof
my_cd = mk_rs(0)
my_nm = mk_rs(1)
tm_selected = ""
if Cstr(my_cd) = Cstr(value) then tm_selected = "selected"
response.write "<option value='" &my_cd& "' " &tm_selected& ">" &my_nm& "</option>"
mk_rs.movenext
wend
set mk_rs = nothing
response.write "</select>"
end sub
' *--- 셀렉트박스 채우기 ---*
'op : 옵션
'name : 이름, code : 종합코드gb, value : 값
sub mk_select_option3(name,code,value,op)
response.write "<select name='"&name&"' "&op&">"
sql = "select cd,nm from "&cf_table_cod_nm&" where gb='"&code&"' and cd >= '"& cf_cook_level &"' order by nm_desc,nm"
set mk_rs = conn.execute(sql)
while not mk_rs.eof
my_cd = mk_rs(0)
my_nm = mk_rs(1)
tm_selected = ""
if Cstr(my_cd) = Cstr(value) then tm_selected = "selected"
response.write "<option value='" &my_cd& "' " &tm_selected& ">" &my_nm& "</option>"
mk_rs.movenext
wend
set mk_rs = nothing
response.write "</select>"
end sub
' *--- 셀렉트박스 채우기 ---*
sub mk_select_option4(sql,value)
set mk_rs = conn.execute(sql)
while not mk_rs.eof
my_cd = mk_rs(0)
my_nm = mk_rs(1)
tm_selected = ""
if Cstr(my_cd) = Cstr(value) then tm_selected = "selected"
response.write "<option value='" &my_cd& "' " &tm_selected& ">" &my_nm& "</option>"
mk_rs.movenext
wend
set mk_rs = nothing
end sub
' DB관련 끝
'###########################################################################
'###########################################################################
' 쇼핑몰 관련
'# -----------------------------------------------------------------------------------------------
'# 쇼핑몰 이미지 가져오기
'# field 가져올 필드 it_no : 쇼핑몰 NO 값
'# -----------------------------------------------------------------------------------------------
function get_shop_img(field,it_no)
sql3 = "select "&field& " from "& cf_table_img_nm & " WHERE SH_NO='"& it_no &"'"
set rs3 = conn.execute(sql3)
tm_name = ""
if not rs3.eof then
tm_name = rs3(0)
end if
get_shop_img = tm_name
end function
function file_check(file)
set fso=server.createobject("scripting.filesystemobject")
if fso.fileexists(file) then
tm_v = 1
else
tm_v = 0
end if
set fso=nothing
file_check = tm_v
end function
sub get_shop_option(name,sh_option)
tm_split = split(sh_option,"@")
response.write "<select name='"&name&"'>"
for i = 0 to ubound(tm_split)
response.write "<option value='"&tm_split(i)&"'>"&tm_split(i)&"</option>"
next
response.write "</select>"
end sub
' 쇼핑몰관련 끝
'###########################################################################
'# -----------------------------------------------------------------------------------------------
'# sms 발송 결과
'# -----------------------------------------------------------------------------------------------
function sms_result(result)
dim errorCode
dim errorMSG
dim smsID
result = mid(result,10)
if (mid(result,1,6) = "ERROR:") then
errorCode = mid(result,7,4)
errorMSG = mid(result,11,100)
elseif (mid(result,1,6) = "SMSID:") then
smsID=mid(result,7,12)
end if
sms_result = errorCode&"^^"&errorMSG&"^^"&smsID
end function
function get_cust_id_value(g_cust_id)
sql = "SELECT CUST_ID FROM BVCM_CUST_T WHERE CUST_ID = '" &g_cust_id & "'"
rs=conn.execute(sql)
'OCIFetchInto(stmt,&arr,OCI_NUM + OCI_RETURN_NULLS)
'OCIFreeStatement(stmt)
arr=rs(0)
if arr = g_cust_id then
'return arr[0]
g_cust_id_return=arr
else
'return g_cust_id
g_cust_id_return=g_cust_id
end if
get_cust_id_value=g_cust_id_return
end function
function cust_id_check(G_CM_ID,PHP_AUTH_USER)
'if PHP_AUTH_USER then
'else if G_CM_ID="" then
' error("NO_ACCESS_CUST_ID")
'end if
end function
function auth_user_check(PHP_AUTH_USER)
if PHP_AUTH_USER<>"" then
error("NO_ACCESS_AUTH_USER")
end if
end function
function get_button_value(uri)
BUTTON_VALUE_POST = "글 쓰 기"
BUTTON_VALUE_MODIFY = "수정 글쓰기"
BUTTON_VALUE_REPLY = "답변 글쓰기"
BUTTON_VALUE_DELETE = "글 삭 제"
BUTTON_VALUE_RESET = "취 소"
select case uri
case "postform"
button_value = BUTTON_VALUE_POST
case "postform1"
button_value = BUTTON_VALUE_POST
case "modifyform"
button_value = BUTTON_VALUE_MODIFY
case "replyform"
button_value = BUTTON_VALUE_REPLY
case "deleteform"
button_value = BUTTON_VALUE_DELETE
case "reset"
button_value = BUTTON_VALUE_RESET
case else
end select
get_button_value=button_value
end function
function print_title_image(code)
img_title = code & ".gif"
'echo("<center><img src=\"img_title\" border=0></center><p>")
response.write("<center><Img src=" &img_title& " border=0></center><p>")
end function
function error(errcode)
select case errcode
case "DB_ERROR"
popup_msg("입력하신 연락처는 허용되지 않는 문자입니다.\n\n 다시 입력하여 주십시오.")
case "INPUT_ERROR"
popup_msg("등록고객이 아닙니다. \n\n 등록 고객만 수정 삭제가 가능합니다.")
case "MAX_ERROR"
popup_msg("입력하신 종목명은 등록되지 않은 종목명 입니다.\n\n먼저 종목등록신청에서 등록하여 주십시오.")
' case ("NO_ACCESS_CUST_ID_NEW") :
' popup_msg("가입해지된 사용자입니다. \\n\\n다시 회원가입후 사용하여 주십시오. ")
'echo("<a href=\"/login/login.html\"><font size=2>회원등록</font></a>)")")
case else
end select
end function
' *--- 과정정보찾기 ---*
function get_code_con_cd(cd)
sql = "select con_cd from "&cf_table_cod_nm&" where cd='" &cd& "'"
set get_rs = conn.execute(sql)
if not get_rs.eof then
nm = get_rs(0)
end if
set get_rs = nothing
get_code_con_cd = nm
end function
Public Function URLDecode(URLStr)
Dim sURL '** 입력받은 URL 문자열
Dim sBuffer '** Decoding 중의 URL 을 담을 Buffer 문자열
Dim cChar '** URL 문자열 중의 현재 Index 의 문자
Dim Index
On Error Resume Next
Err.Clear
sURL = Trim(URLStr) '** URL 문자열을 얻는다.
sBuffer = "" '** 임시 Buffer 용 문자열 변수 초기화.
'******************************************************
'* URL Decoding 작업
'******************************************************
Index = 1
Do While Index <= Len(sURL)
cChar = Mid(sURL, Index, 1)
If cChar = "+" Then
'** '+' 문자 :: ' ' 로 대체하여 Buffer 문자열에 추가한다.
sBuffer = sBuffer & " "
Index = Index + 1
ElseIf cChar = "%" Then
'** '%' 문자 :: Decoding 하여 Buffer 문자열에 추가한다.
cChar = Mid(sURL, Index + 1, 2)
If CInt("&H" & cChar) < &H80 Then
'** 일반 ASCII 문자
sBuffer = sBuffer & Chr(CInt("&H" & cChar))
Index = Index + 3
Else
'** 2 Byte 한글 문자
cChar = Replace(Mid(sURL, Index + 1, 5), "%", "")
sBuffer = sBuffer & Chr(CInt("&H" & cChar))
Index = Index + 6
End If
Else
'** 그 외의 일반 문자들 :: Buffer 문자열에 추가한다.
sBuffer = sBuffer & cChar
Index = Index + 1
End If
Loop
'** Error 처리
If Err.Number > 0 Then
URLDecode = ""
Exit Function
End If
'** 결과를 리턴한다.
URLDecode = sBuffer
Exit Function
End Function
'==================================================
' 이미지 크기 얻는 함수 GetImageSize(물리적경로)
'==================================================
Function GetImageSize(Virtual_Image_Path, limit_width)
Dim objPic
dim retVal(2)
Set objPic = LoadPicture(Virtual_Image_Path)
img_Width = CLng(CDbl(objPic.Width) * 24 / 635)
img_Height = CLng(CDbl(objPic.Height) * 24 / 635)
If (img_Width > limit_width) then
imgWidth = limit_width
imgHeight = img_Height *( limit_width / img_Width)
Else
imgWidth = img_Width
imgHeight = img_Height
end if
' imgHeight = CLng(CDbl(objPic.Height) * 24 / 635)
Set objPic = Nothing
retVal(0) = imgWidth
retVal(1) = imgHeight
GetImageSize=retVal
End Function
function SQL_Injection( get_String )
get_String = REPLACE( get_String, "'", "''" )
'get_String = REPLACE( get_String, ";", ";;" )
'get_String = REPLACE( get_String, "and", "", 1, -1, 1 )
get_String = REPLACE( get_String, "--", "" )
get_String = REPLACE( get_String, "sp_", "", 1, -1, 1 )
get_String = REPLACE( get_String, "xp_", "", 1, -1, 1 )
get_String = REPLACE( get_String, "select", "", 1, -1, 1 )
get_String = REPLACE( get_String, "insert", "", 1, -1, 1 )
get_String = REPLACE( get_String, "update", "", 1, -1, 1 )
get_String = REPLACE( get_String, "delete", "", 1, -1, 1 )
get_String = REPLACE( get_String, "union", "", 1, -1, 1 )
get_String = REPLACE( get_String, "exec", "", 1, -1, 1 )
get_String = REPLACE( get_String, "sysobject", "", 1, -1, 1 )
get_String = REPLACE( get_String, "1=1", "", 1, -1, 1 )
SQL_Injection = get_String
end function
'확장자 체크
function ext_check(ext)
redim allow_ext(17)
allow_ext(0) = "jpg"
allow_ext(1) = "jpeg"
allow_ext(2) = "gif"
allow_ext(3) = "png"
allow_ext(4) = "hwp"
allow_ext(5) = "xls"
allow_ext(6) = "xlsx"
allow_ext(7) = "doc"
allow_ext(8) = "docx"
allow_ext(9) = "bmp"
allow_ext(10) = "zip"
allow_ext(11) = "ppt"
allow_ext(12) = "pptx"
allow_ext(13) = "txt"
allow_ext(14) = "avi"
allow_ext(15) = "wmv"
allow_ext(16) = "asf"
if in_array(LCase(ext), allow_ext) = true then
ext_check = true
else
ext_check = false
end if
end function
'배열에 포함榮쩝?확인
Function in_array(element, arr)
For i=0 To Ubound(arr)
If Trim(arr(i)) = Trim(element) Then
in_array = True
Exit Function
Else
in_array = False
End If
Next
End Function
function get_vote_result(p_no,ps_no,pi_no)
t_sql = "SELECT COUNT(*) FROM CM_VOTE_LOG WHERE P_NO ='"&p_no&"' AND PS_NO = '"&ps_no&"' "
set t_rs = conn.execute(t_sql)
total = t_rs(0)
set t_rs = nothing
sql = "SELECT COUNT(*) FROM CM_VOTE_LOG WHERE P_NO ='"&p_no&"' AND PS_NO = '"&ps_no&"' AND PI_NO = '"&pi_no&"' "
set get_rs = conn.execute(sql)
my_value = get_rs(0)
set get_rs = nothing
if total = 0 then
get_vote_result = 0
else
get_vote_result = my_value/total *100
end if
end function
function get_cate_nm(no)
sql = "select CATE_NM from CM_NEWS_CATE where NO='"&no&"'"
set get_rs = conn.execute(sql)
if not get_rs.eof then
my_value = get_rs(0)
end if
set get_rs = nothing
get_cate_nm = my_value
end function
function get_cate_img(no)
sql = "select CATE_NM from CM_NEWS_CATE where NO='"&no&"'"
set get_rs = conn.execute(sql)
if not get_rs.eof then
my_value = get_rs(0)
end if
tm_img = ""
' 이미지라 강제로 박음
select case no
case "1"
tm_img = "list_t1.gif"
case "4"
tm_img = "list_t2.gif"
case "5"
tm_img = "list_t3.gif"
case "6"
tm_img = "list_t4.gif"
case "7"
tm_img = "list_t5.gif"
case "8"
tm_img = "list_t6.gif"
case "9"
tm_img = "list_t7.gif"
end select
set get_rs = nothing
get_cate_img = "<img src=""/images/contents/"&tm_img&""" alt="""&my_value&""" />"
end function
function get_a_site(cate_no)
select case cate_no
case "1"
tm_a_site = "2_0"
case "4"
tm_a_site = "3_0"
case "5"
tm_a_site = "4_0"
case "6"
tm_a_site = "6_0"
case "7"
tm_a_site = "5_0"
case "8"
tm_a_site = "4_0"
case "9"
tm_a_site = "8_0"
end select
get_a_site = tm_a_site
end function
function eregi_replace(pattern, replace, text)
Dim eregObj:
Set eregObj = New RegExp:
eregObj.Pattern = pattern: '//패턴 설정
eregObj.IgnoreCase = True: '//대소문자 구분 여부
eregObj.Global = True: '//전체 문서에서 검색
eregi_replace = eregObj.Replace(text, replace): '//Replace String
End function
'//허용태그 외의 모든 태그제거 함수
function strip_tags(str,allowtags)
Dim content:
Dim tags:
content = str:
tags = replace(allowtags,",","|"):
content = eregi_replace("<(\/?)(?!\/|" & tags & ")([^<>]*)?>", "", content):
content = eregi_replace("(javascript\:|vbscript\:)+","",content):
content = eregi_replace("(\.location|location\.|onload=|\.cookie|alert\(|window\.open\(|onmouse|onkey|onclick|view\-source\:)+","//",content): '//자바스크립트 실행방지
strip_tags = content:
End function
%>
'Developer > asp' 카테고리의 다른 글
| 인코딩 고찰. ASP (0) | 2016.05.31 |
|---|---|
| aspjson read.. (0) | 2016.05.23 |
| xls 파일 읽어오기 (0) | 2015.06.15 |
| asp header 추가하기,Access-Control-Allow-Origin: * / 크로스도메인 / 브라우저 보안 (3) | 2015.04.02 |
| http 와 https 간의 세견 공유 ,classic ASP (0) | 2015.03.23 |